(The writer is a Reuters contributor. The opinions expressed
are her own.)
By Hilary Johnson
Aug 7 Fraudulent emails from hackers used to be
obvious, full of misspellings and bad grammar. Now cyber crooks
are even sounding like their victims as they try to trick
financial advisers into wiring money from clients' accounts.
No one at Fort Pitt Capital in Pittsburgh has fallen for
such schemes. But the firm, like many others, is beefing up
cyber security education for employees. It is also boosting
client outreach in the face of rampant identify theft, which the
Federal Bureau of Investigation notes is the fastest growing
crime in the United States, and cyber attacks, which exceed
100,000 per day.
Fort Pitt held its first cyber security seminar for clients
last week, tapping expertise from True North Networks, a New
Hampshire-based technology consulting firm it hired to provide
network surveillance, employee training and client communication
assistance. The seminar offered tips such as using a two-step
process to log in to email, developing strong passwords, and
evading email phishing attempts.
After a large turnout of more than 50 clients, Fort Pitt
expects to hold more events, and is considering developing a
webinar, said Todd Douds, Fort Pitt's director of research and
The need to educate clients about cyber security threats is
"morphing the job," Douds said. "Our role is to be trusted
advisers, and that's historically been around financial
planning. But now it's also about helping them protect their
financial assets from criminal activity."
Mitigating cyber threats fits in well with financial
advisers' mandates, said Karl Schimmeck, managing director of
financial services operations at the Securities Industry and
Financial Markets Association (SIFMA).
What is more, hacking incidents can land firms in hot water
for running afoul of privacy rules and laws. One broker, for
example, was recently barred after following a fraudster's
"The more people think about cyber security, the better it
is for everyone," Schimmeck said.
SIFMA holds its own cyber security webinars, including one
for small firms on Aug. 12, and also works with The Financial
Services - Information Sharing and Analysis Center (FS-ISAC), a
forum for sharing information about cyber security threats.
Some larger firms have devoted specialized in-house
resources to the problem. About a year ago, Raymond James
Financial Inc set up a team, Threat Intelligence
Analysis, to analyze breaches and hacks, and shape the firm's
response and communications for employees, advisers, and
clients, said Andy Zolper, chief information security officer at
For example, the team taps into FS-ISAC, monitors events,
and prepares Frequently Asked Questions (FAQs) for advisers when
a notable breach occurs, Zolper said.
"Five years ago, the client question would have been, 'Is my
information safe?'" Zolper said. "Now they're looking for more
detail, and we're definitely providing it."
Advisers' mindsets have also changed. "I don't think the
majority of advisers felt as though cyber security was their
problem," Zolper added. "Now they definitely get that."
(Reporting by Hilary Russ; Editing by Suzanne Barlyn and